42 lines
1.2 KiB
YAML
42 lines
1.2 KiB
YAML
version: "3.9"
|
|
|
|
networks:
|
|
traefik_proxy:
|
|
external: true
|
|
|
|
services:
|
|
protected_static:
|
|
image: nginx:alpine
|
|
container_name: protected_static
|
|
restart: unless-stopped
|
|
networks:
|
|
- traefik_proxy
|
|
|
|
# Bind-mounted static content stored natively on the host
|
|
volumes:
|
|
- ./html:/usr/share/nginx/html:ro
|
|
|
|
labels:
|
|
- "traefik.enable=true"
|
|
|
|
# --------------------------
|
|
# HTTP → HTTPS redirect
|
|
# --------------------------
|
|
- "traefik.http.routers.psite-http.rule=Host(`secure.example.com`)"
|
|
- "traefik.http.routers.psite-http.entrypoints=web"
|
|
- "traefik.http.routers.psite-http.middlewares=psite-https-redirect"
|
|
- "traefik.http.middlewares.psite-https-redirect.redirectscheme.scheme=https"
|
|
|
|
# --------------------------
|
|
# HTTPS router
|
|
# --------------------------
|
|
- "traefik.http.routers.psite-https.rule=Host(`secure.example.com`)"
|
|
- "traefik.http.routers.psite-https.entrypoints=websecure"
|
|
- "traefik.http.routers.psite-https.tls.certresolver=letsencrypt"
|
|
|
|
# --------------------------
|
|
# Authelia protection
|
|
# --------------------------
|
|
- "traefik.http.routers.psite-https.middlewares=authelia-auth@file"
|
|
|